There Is Less Email Spam Around. Scammers are Moving to Social Networks

I am a Nigerian prince and I need your bank account number and your PIN. Earn ten thousand dollars per hour. Or just in short: ‘Cheap Viagra’. Messages like these arrive in ever smaller numbers these days. And that’s great. Spam has tricked a lot of people in the past, but that’s going to end eventually. Because criminals are shifting away from email spam and spam statistics are on the decline.

A report about security threats by Symantec shows that over the past three years, we have all been subjected to far less of these suspicious offers. While in 2012, spam constituted almost three quarters of all emails sent, last year spam rate was down to ‘just’ 60 percent.

Overall e‑mail spam rates

The overall email spam rate has been going down steadily for some time now.

Even the actual numbers of spam are dropping. The average daily global spam volume went down by a billion emails per year since 2012. Last year, the internet had to suffer through ‘only’ 28 billion pieces of spam every day.

One spam email per one regular message

Although the numbers may seem high – it’s about one legit email per one piece of spam – they are not so bad. Most of us don’t find spam in our inboxes very often. Because most of it is filtered out. And coders are always working on better algorithms to filter out those last few unwanted emails. Google has recently boasted about their 99.9 percent success rate when filtering out spam.

2012

2013

2014

Daily Global Spam Volume

30 billion

29 billion

28 billion

The average daily volume of email spam has gone down over the last three years. Source: Symantec, Internet Security Threat Report, Vol. 20.

That all sounds just lovely, the spam is going down, but what’s the catch? Is the number of internet scams and criminals using them getting lower as well?

I’m afraid not.

Spam, spam, spam, phishing and spam

There’s still about the same number of slippery conmen and other crooks on the internet – way too much. The decline in email spam has nothing to do with the size of their ranks.

It’s happening because they are shifting their focus on social networks and smartphone apps.

The attackers are slowly leaving the email spam method, because common knowledge about safe internet use is getting better and so are email filters. That’s why spam was not very successful in the recent past, which in turn is why scammers turn away from them.

Nowadays, other methods such as sending unwanted messages through messaging apps on our phones seems to be way more successful than email spam. Attackers often use hacked user accounts to send out messages that contain links leading to dangerous sites with malware or ad-supported sites that try to get people’s personally identifiable information under the guise of entering contests or claiming limited offers. This is known as phishing. Some sites pay money to the original attackers for the page-views or sensitive information, usually through affiliate programs. Others use the information themselves, for identity theft and other crimes.

Symantec’s researchers, for example, mention cases such as one where attackers used a hacked Snapchat account. The account started – unbeknownst to its owner – sending out messages like ‘Check out this great way to lose weight’ with included links to all its contacts. Such attacks can be difficult to tell apart from regular communication, as the message comes from a seemingly trustworthy source. Not even the URLs offer any help, as these can be and often are shortened by online services like goo.gl or bit.ly. A seemingly innocent link from a trusted source can hide absolutely anything.

Attackers have also used fake accounts on Instagram, claiming to be lottery winners that want to give out their winnings to other people. All they were asking for was to follow them and state some personal details in the comments to secure a part of the winnings! This socially engineered attack is too good to resist for a lot of people, but they endanger themselves and their friends as well.

What about your experiences?

There’s less spam as time goes on, but still enough scammers roam the internet. It’s handy to keep this advice in mind: if it sounds too good to be true, it probably is.

How often do you have to fish out spam from your inbox? Do you know anyone who has been scammed by ‘the Nigerian Prince’ or anything else? And have the attackers tried to get to you through social networks? Leave us a comment below, share your experiences and opinions.